chef 17.4.25-universal-mingw32 → 17.6.18-universal-mingw32

Sign up to get free protection for your applications and to get access to all the features.
Files changed (89) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +2 -2
  3. data/chef.gemspec +2 -0
  4. data/lib/chef/application/base.rb +11 -1
  5. data/lib/chef/client.rb +1 -2
  6. data/lib/chef/compliance/input.rb +115 -0
  7. data/lib/chef/compliance/input_collection.rb +139 -0
  8. data/lib/chef/compliance/profile.rb +122 -0
  9. data/lib/chef/compliance/profile_collection.rb +109 -0
  10. data/lib/chef/compliance/reporter/automate.rb +1 -1
  11. data/lib/chef/compliance/runner.rb +48 -6
  12. data/lib/chef/compliance/waiver.rb +115 -0
  13. data/lib/chef/compliance/waiver_collection.rb +143 -0
  14. data/lib/chef/dsl/compliance.rb +38 -0
  15. data/lib/chef/dsl/reader_helpers.rb +51 -0
  16. data/lib/chef/dsl/recipe.rb +4 -2
  17. data/lib/chef/dsl/secret.rb +2 -4
  18. data/lib/chef/dsl/universal.rb +2 -0
  19. data/lib/chef/event_dispatch/base.rb +44 -2
  20. data/lib/chef/formatters/doc.rb +60 -13
  21. data/lib/chef/formatters/minimal.rb +6 -5
  22. data/lib/chef/http/basic_client.rb +15 -7
  23. data/lib/chef/http.rb +12 -8
  24. data/lib/chef/provider/file.rb +2 -0
  25. data/lib/chef/provider/link.rb +2 -2
  26. data/lib/chef/provider/registry_key.rb +3 -2
  27. data/lib/chef/provider/remote_file/http.rb +1 -1
  28. data/lib/chef/provider/template.rb +1 -1
  29. data/lib/chef/resource/archive_file.rb +17 -14
  30. data/lib/chef/resource/chef_client_scheduled_task.rb +45 -2
  31. data/lib/chef/resource/chocolatey_config.rb +13 -13
  32. data/lib/chef/resource/execute.rb +2 -2
  33. data/lib/chef/resource/file/verification/json.rb +50 -0
  34. data/lib/chef/resource/file/verification/yaml.rb +52 -0
  35. data/lib/chef/resource/inspec_input.rb +127 -0
  36. data/lib/chef/resource/inspec_waiver.rb +184 -0
  37. data/lib/chef/resource/mount.rb +1 -1
  38. data/lib/chef/resource/openssl_x509_certificate.rb +1 -1
  39. data/lib/chef/resource/powershell_package_source.rb +234 -70
  40. data/lib/chef/resource/registry_key.rb +36 -48
  41. data/lib/chef/resource/remote_file.rb +98 -2
  42. data/lib/chef/resource/timezone.rb +2 -2
  43. data/lib/chef/resource/user_ulimit.rb +1 -0
  44. data/lib/chef/resource/windows_printer.rb +1 -1
  45. data/lib/chef/resource/windows_uac.rb +3 -1
  46. data/lib/chef/resource/windows_user_privilege.rb +1 -1
  47. data/lib/chef/resource.rb +1 -1
  48. data/lib/chef/resources.rb +2 -0
  49. data/lib/chef/run_context/cookbook_compiler.rb +112 -28
  50. data/lib/chef/run_context.rb +31 -1
  51. data/lib/chef/secret_fetcher/akeyless_vault.rb +57 -0
  52. data/lib/chef/secret_fetcher/aws_secrets_manager.rb +1 -1
  53. data/lib/chef/secret_fetcher/azure_key_vault.rb +1 -1
  54. data/lib/chef/secret_fetcher/base.rb +1 -1
  55. data/lib/chef/secret_fetcher/hashi_vault.rb +100 -0
  56. data/lib/chef/secret_fetcher.rb +8 -2
  57. data/lib/chef/version.rb +1 -1
  58. data/lib/chef/win32/version.rb +2 -1
  59. data/spec/data/archive_file/test_archive.tar.gz +0 -0
  60. data/spec/functional/resource/archive_file_spec.rb +87 -0
  61. data/spec/functional/resource/group_spec.rb +5 -1
  62. data/spec/functional/resource/link_spec.rb +8 -0
  63. data/spec/functional/resource/powershell_package_source_spec.rb +5 -6
  64. data/spec/integration/compliance/compliance_spec.rb +60 -0
  65. data/spec/spec_helper.rb +3 -0
  66. data/spec/support/platform_helpers.rb +4 -0
  67. data/spec/support/ruby_installer.rb +51 -0
  68. data/spec/unit/compliance/input_spec.rb +104 -0
  69. data/spec/unit/compliance/profile_spec.rb +120 -0
  70. data/spec/unit/compliance/waiver_spec.rb +104 -0
  71. data/spec/unit/formatters/doc_spec.rb +1 -1
  72. data/spec/unit/http/basic_client_spec.rb +30 -0
  73. data/spec/unit/http_spec.rb +8 -2
  74. data/spec/unit/provider/link_spec.rb +13 -7
  75. data/spec/unit/provider/remote_file/http_spec.rb +10 -0
  76. data/spec/unit/provider/template_spec.rb +2 -2
  77. data/spec/unit/resource/archive_file_spec.rb +414 -3
  78. data/spec/unit/resource/chef_client_scheduled_task_spec.rb +69 -0
  79. data/spec/unit/resource/file/verification/json_spec.rb +72 -0
  80. data/spec/unit/resource/file/verification/yaml_spec.rb +67 -0
  81. data/spec/unit/resource/inspec_input_spec.rb +300 -0
  82. data/spec/unit/resource/inspec_waiver_spec.rb +312 -0
  83. data/spec/unit/resource/mount_spec.rb +10 -0
  84. data/spec/unit/resource/powershell_package_source_spec.rb +63 -62
  85. data/spec/unit/resource/user_ulimit_spec.rb +14 -1
  86. data/spec/unit/secret_fetcher/akeyless_vault_spec.rb +37 -0
  87. data/spec/unit/secret_fetcher/hashi_vault_spec.rb +80 -0
  88. data/tasks/rspec.rb +2 -1
  89. metadata +60 -6
@@ -0,0 +1,115 @@
1
+ #
2
+ # Copyright:: Copyright (c) Chef Software Inc.
3
+ # License:: Apache License, Version 2.0
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # http://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+ #
17
+
18
+ require "yaml"
19
+
20
+ class Chef
21
+ module Compliance
22
+ #
23
+ # Chef object that represents a single waiver file in the compliance
24
+ # segment of a cookbook
25
+ #
26
+ class Waiver
27
+ # @return [Boolean] if the waiver has been enabled
28
+ attr_reader :enabled
29
+
30
+ # @return [String] The name of the cookbook that the waiver is in
31
+ attr_reader :cookbook_name
32
+
33
+ # @return [String] The full path on the host to the waiver yml file
34
+ attr_reader :path
35
+
36
+ # @return [String] the pathname in the cookbook
37
+ attr_reader :pathname
38
+
39
+ # @api private
40
+ attr_reader :data
41
+
42
+ # Event dispatcher for this run.
43
+ #
44
+ # @return [Chef::EventDispatch::Dispatcher]
45
+ #
46
+ attr_accessor :events
47
+
48
+ def initialize(events, data, path, cookbook_name)
49
+ @events = events
50
+ @data = data
51
+ @cookbook_name = cookbook_name
52
+ @path = path
53
+ @pathname = File.basename(path, File.extname(path)) unless path.nil?
54
+ disable!
55
+ end
56
+
57
+ # @return [Boolean] if the waiver has been enabled
58
+ #
59
+ def enabled?
60
+ !!@enabled
61
+ end
62
+
63
+ # Set the waiver to being enabled
64
+ #
65
+ def enable!
66
+ events.compliance_waiver_enabled(self)
67
+ @enabled = true
68
+ end
69
+
70
+ # Set the waiver as being disabled
71
+ #
72
+ def disable!
73
+ @enabled = false
74
+ end
75
+
76
+ # Render the waiver in a way that it can be consumed by inspec
77
+ #
78
+ def inspec_data
79
+ data
80
+ end
81
+
82
+ HIDDEN_IVARS = [ :@events ].freeze
83
+
84
+ # Omit the event object from error output
85
+ #
86
+ def inspect
87
+ ivar_string = (instance_variables.map(&:to_sym) - HIDDEN_IVARS).map do |ivar|
88
+ "#{ivar}=#{instance_variable_get(ivar).inspect}"
89
+ end.join(", ")
90
+ "#<#{self.class}:#{object_id} #{ivar_string}>"
91
+ end
92
+
93
+ # Helper to construct a waiver object from a hash. Since the path and
94
+ # cookbook_name are required this is probably not externally useful.
95
+ #
96
+ def self.from_hash(events, hash, path = nil, cookbook_name = nil)
97
+ new(events, hash, path, cookbook_name)
98
+ end
99
+
100
+ # Helper to construct a waiver object from a yaml string. Since the path
101
+ # and cookbook_name are required this is probably not externally useful.
102
+ #
103
+ def self.from_yaml(events, string, path = nil, cookbook_name = nil)
104
+ from_hash(events, YAML.load(string), path, cookbook_name)
105
+ end
106
+
107
+ # @param filename [String] full path to the yml file in the cookbook
108
+ # @param cookbook_name [String] cookbook that the waiver is in
109
+ #
110
+ def self.from_file(events, filename, cookbook_name = nil)
111
+ from_yaml(events, IO.read(filename), filename, cookbook_name)
112
+ end
113
+ end
114
+ end
115
+ end
@@ -0,0 +1,143 @@
1
+ # Copyright:: Copyright (c) Chef Software Inc.
2
+ # License:: Apache License, Version 2.0
3
+ #
4
+ # Licensed under the Apache License, Version 2.0 (the "License");
5
+ # you may not use this file except in compliance with the License.
6
+ # You may obtain a copy of the License at
7
+ #
8
+ # http://www.apache.org/licenses/LICENSE-2.0
9
+ #
10
+ # Unless required by applicable law or agreed to in writing, software
11
+ # distributed under the License is distributed on an "AS IS" BASIS,
12
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
+ # See the License for the specific language governing permissions and
14
+ # limitations under the License.
15
+ #
16
+
17
+ require_relative "waiver"
18
+
19
+ class Chef
20
+ module Compliance
21
+ class WaiverCollection < Array
22
+
23
+ # Event dispatcher for this run.
24
+ #
25
+ # @return [Chef::EventDispatch::Dispatcher]
26
+ #
27
+ attr_reader :events
28
+
29
+ def initialize(events)
30
+ @events = events
31
+ end
32
+
33
+ # Add a waiver to the waiver collection. The cookbook_name needs to be determined by the
34
+ # caller and is used in the `include_waiver` API to match on. The path should be the complete
35
+ # path on the host of the yml file, including the filename.
36
+ #
37
+ # @param path [String]
38
+ # @param cookbook_name [String]
39
+ #
40
+ def from_file(filename, cookbook_name)
41
+ new_waiver = Waiver.from_file(events, filename, cookbook_name)
42
+ self << new_waiver
43
+ events.compliance_waiver_loaded(new_waiver)
44
+ end
45
+
46
+ # Add a waiver from a raw hash. This waiver will be enabled by default.
47
+ #
48
+ # @param path [String]
49
+ # @param cookbook_name [String]
50
+ #
51
+ def from_hash(hash)
52
+ new_waiver = Waiver.from_hash(events, hash)
53
+ new_waiver.enable!
54
+ self << new_waiver
55
+ end
56
+
57
+ # @return [Array<Waiver>] inspec waivers which are enabled in a form suitable to pass to inspec
58
+ #
59
+ def inspec_data
60
+ select(&:enabled?).each_with_object({}) { |waiver, hash| hash.merge(waiver.inspec_data) }
61
+ end
62
+
63
+ # DSL method to enable waiver files. This matches on the filename of the waiver file.
64
+ # If the specific waiver is omitted then it uses the default waiver. The string
65
+ # supports regular expression matching.
66
+ #
67
+ # @example Specific waiver file in a cookbook
68
+ #
69
+ # include_waiver "acme_cookbook::ssh-001"
70
+ #
71
+ # @example The compliance/waiver/default.rb waiver file in a cookbook
72
+ #
73
+ # include_waiver "acme_cookbook"
74
+ #
75
+ # @example Every waiver file in a cookbook
76
+ #
77
+ # include_waiver "acme_cookbook::.*"
78
+ #
79
+ # @example Matching waivers by regexp in a cookbook
80
+ #
81
+ # include_waiver "acme_cookbook::ssh.*"
82
+ #
83
+ # @example Matching waivers by regexp in any cookbook in the cookbook collection
84
+ #
85
+ # include_waiver ".*::ssh.*"
86
+ #
87
+ # @example Adding an arbitrary hash of data (not from any file in a cookbook)
88
+ #
89
+ # include_waiver({ "ssh-01" => {
90
+ # "expiration_date" => "2033-07-31",
91
+ # "run" => false,
92
+ # "justification" => "the reason it is waived",
93
+ # } })
94
+ #
95
+ def include_waiver(arg)
96
+ raise "include_waiver was given a nil value" if arg.nil?
97
+
98
+ # if we're given a hash argument just shove it in the collection
99
+ if arg.is_a?(Hash)
100
+ from_hash(arg)
101
+ return
102
+ end
103
+
104
+ matching_waivers!(arg).each(&:enable!)
105
+ end
106
+
107
+ def valid?(arg)
108
+ !matching_waivers(arg).empty?
109
+ end
110
+
111
+ HIDDEN_IVARS = [ :@events ].freeze
112
+
113
+ # Omit the event object from error output
114
+ #
115
+ def inspect
116
+ ivar_string = (instance_variables.map(&:to_sym) - HIDDEN_IVARS).map do |ivar|
117
+ "#{ivar}=#{instance_variable_get(ivar).inspect}"
118
+ end.join(", ")
119
+ "#<#{self.class}:#{object_id} #{ivar_string}>"
120
+ end
121
+
122
+ private
123
+
124
+ def matching_waivers(arg, should_raise: false)
125
+ (cookbook_name, waiver_name) = arg.split("::")
126
+
127
+ waiver_name = "default" if waiver_name.nil?
128
+
129
+ waivers = select { |waiver| /^#{cookbook_name}$/.match?(waiver.cookbook_name) && /^#{waiver_name}$/.match?(waiver.pathname) }
130
+
131
+ if waivers.empty? && should_raise
132
+ raise "No inspec waivers matching '#{waiver_name}' found in cookbooks matching '#{cookbook_name}'"
133
+ end
134
+
135
+ waivers
136
+ end
137
+
138
+ def matching_waivers!(arg)
139
+ matching_waivers(arg, should_raise: true)
140
+ end
141
+ end
142
+ end
143
+ end
@@ -0,0 +1,38 @@
1
+ #
2
+ # Copyright:: Copyright (c) Chef Software Inc.
3
+ # License:: Apache License, Version 2.0
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # http://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+ #
17
+
18
+ class Chef
19
+ module DSL
20
+ module Compliance
21
+
22
+ # @see Chef::Compliance::ProfileCollection#include_profile
23
+ def include_profile(*args)
24
+ run_context.profile_collection.include_profile(*args)
25
+ end
26
+
27
+ # @see Chef::Compliance::WaiverCollection#include_waiver
28
+ def include_waiver(*args)
29
+ run_context.waiver_collection.include_waiver(*args)
30
+ end
31
+
32
+ # @see Chef::Compliance::inputCollection#include_input
33
+ def include_input(*args)
34
+ run_context.input_collection.include_input(*args)
35
+ end
36
+ end
37
+ end
38
+ end
@@ -0,0 +1,51 @@
1
+ #
2
+ # Copyright:: Copyright (c) Chef Software Inc.
3
+ # License:: Apache License, Version 2.0
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # http://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ autoload :TOML, "tomlrb"
18
+ require_relative "../json_compat"
19
+ autoload :YAML, "yaml"
20
+
21
+ class Chef
22
+ module DSL
23
+ module ReaderHelpers
24
+
25
+ def parse_file(filename)
26
+ case File.extname(filename)
27
+ when ".toml"
28
+ parse_toml(filename)
29
+ when ".yaml", ".yml"
30
+ parse_yaml(filename)
31
+ when ".json"
32
+ parse_json(filename)
33
+ end
34
+ end
35
+
36
+ def parse_json(filename)
37
+ JSONCompat.parse(IO.read(filename))
38
+ end
39
+
40
+ def parse_toml(filename)
41
+ Tomlrb.load_file(filename)
42
+ end
43
+
44
+ def parse_yaml(filename)
45
+ YAML.load(IO.read(filename))
46
+ end
47
+
48
+ extend self
49
+ end
50
+ end
51
+ end
@@ -18,12 +18,13 @@
18
18
  #
19
19
 
20
20
  require_relative "../exceptions"
21
- require_relative "resources"
21
+ require_relative "compliance"
22
+ require_relative "declare_resource"
22
23
  require_relative "definitions"
23
24
  require_relative "include_recipe"
24
25
  require_relative "reboot_pending"
26
+ require_relative "resources"
25
27
  require_relative "universal"
26
- require_relative "declare_resource"
27
28
  require_relative "../mixin/notifying_block"
28
29
  require_relative "../mixin/lazy_module_include"
29
30
 
@@ -42,6 +43,7 @@ class Chef
42
43
  # - it also pollutes the namespace of nearly every context, watch out.
43
44
  #
44
45
  module Recipe
46
+ include Chef::DSL::Compliance
45
47
  include Chef::DSL::Universal
46
48
  include Chef::DSL::DeclareResource
47
49
  include Chef::Mixin::NotifyingBlock
@@ -51,10 +51,8 @@ class Chef
51
51
  # log "My secret is #{value}"
52
52
  def secret(name: nil, version: nil, service: nil, config: {})
53
53
  Chef::Log.warn <<~EOM.gsub("\n", " ")
54
- The secrets Chef Infra language helper is currently in beta.
55
- This helper will most likely change over time in potentially breaking ways.
56
- If you have feedback or you'd like to be part of the future design of this
57
- helper e-mail us at secrets_management_beta@progress.com"
54
+ The secrets Chef Infra language helper is currently in beta. If you have feedback or you would
55
+ like to be part of the future design of this helper e-mail us at secrets_management_beta@progress.com"
58
56
  EOM
59
57
  sensitive(true) if is_a?(Chef::Resource)
60
58
  Chef::SecretFetcher.for_service(service, config, run_context).fetch(name, version)
@@ -23,6 +23,7 @@ require_relative "chef_vault"
23
23
  require_relative "registry_helper"
24
24
  require_relative "powershell"
25
25
  require_relative "secret"
26
+ require_relative "reader_helpers"
26
27
  require_relative "render_helpers"
27
28
  require_relative "toml"
28
29
  require_relative "../mixin/powershell_exec"
@@ -50,6 +51,7 @@ class Chef
50
51
  include Chef::DSL::ChefVault
51
52
  include Chef::DSL::RegistryHelper
52
53
  include Chef::DSL::Powershell
54
+ include Chef::DSL::ReaderHelpers
53
55
  include Chef::DSL::RenderHelpers
54
56
  include Chef::DSL::Secret
55
57
  include Chef::Mixin::PowershellExec
@@ -164,7 +164,7 @@ class Chef
164
164
  # Called when LWRPs are finished loading
165
165
  def lwrp_load_complete; end
166
166
 
167
- # Called when an ohai plugin file loading starts
167
+ # Called when ohai plugin file loading starts
168
168
  def ohai_plugin_load_start(file_count); end
169
169
 
170
170
  # Called when an ohai plugin file has been loaded
@@ -173,9 +173,51 @@ class Chef
173
173
  # Called when an ohai plugin file has an error on load.
174
174
  def ohai_plugin_file_load_failed(path, exception); end
175
175
 
176
- # Called when an ohai plugin file loading has finished
176
+ # Called when ohai plugin file loading has finished
177
177
  def ohai_plugin_load_complete; end
178
178
 
179
+ # Called when compliance file loading starts
180
+ def compliance_load_start; end
181
+
182
+ # Called when compliance file loading ends
183
+ def compliance_load_complete; end
184
+
185
+ # Called when compliance profile loading starts
186
+ def profiles_load_start; end
187
+
188
+ # Called when compliance profile loading end
189
+ def profiles_load_complete; end
190
+
191
+ # Called when compliance input loading starts
192
+ def inputs_load_start; end
193
+
194
+ # Called when compliance input loading end
195
+ def inputs_load_complete; end
196
+
197
+ # Called when compliance waiver loading starts
198
+ def waivers_load_start; end
199
+
200
+ # Called when compliance waiver loading end
201
+ def waivers_load_complete; end
202
+
203
+ # Called when a compliance profile is found in a cookbook by the cookbook_compiler
204
+ def compliance_profile_loaded(profile); end
205
+
206
+ # Called when a compliance waiver is found in a cookbook by the cookbook_compiler
207
+ def compliance_waiver_loaded(waiver); end
208
+
209
+ # Called when a compliance waiver is found in a cookbook by the cookbook_compiler
210
+ def compliance_input_loaded(input); end
211
+
212
+ # Called when a compliance profile is enabled (by include_profile)
213
+ def compliance_profile_enabled(profile); end
214
+
215
+ # Called when a compliance waiver is enabled (by include_waiver)
216
+ def compliance_waiver_enabled(waiver); end
217
+
218
+ # Called when a compliance input is enabled (by include_input)
219
+ def compliance_input_enabled(input); end
220
+
179
221
  # Called before attribute files are loaded
180
222
  def attribute_load_start(attribute_file_count); end
181
223
 
@@ -41,10 +41,11 @@ class Chef
41
41
  end
42
42
 
43
43
  def run_start(version, run_status)
44
- puts_line "Starting #{ChefUtils::Dist::Infra::PRODUCT}, version #{version}"
44
+ puts_line "#{ChefUtils::Dist::Infra::PRODUCT}, version #{version}"
45
45
  puts_line "Patents: #{ChefUtils::Dist::Org::PATENTS}"
46
- puts_line "Targeting node: #{Chef::Config.target_mode.host}" if Chef::Config.target_mode?
47
46
  puts_line "OpenSSL FIPS 140 mode enabled" if Chef::Config[:fips]
47
+ puts_line "Infra Phase starting"
48
+ puts_line "Targeting node: #{Chef::Config.target_mode.host}" if Chef::Config.target_mode?
48
49
  end
49
50
 
50
51
  def total_resources
@@ -79,18 +80,18 @@ class Chef
79
80
  puts_line ""
80
81
  end
81
82
  if Chef::Config[:why_run]
82
- puts_line "#{ChefUtils::Dist::Infra::PRODUCT} finished, #{@updated_resources}/#{total_resources} resources would have been updated"
83
+ puts_line "Infra Phase complete, #{@updated_resources}/#{total_resources} resources would have been updated"
83
84
  else
84
- puts_line "#{ChefUtils::Dist::Infra::PRODUCT} finished, #{@updated_resources}/#{total_resources} resources updated in #{pretty_elapsed_time}"
85
+ puts_line "Infra Phase complete, #{@updated_resources}/#{total_resources} resources updated in #{pretty_elapsed_time}"
85
86
  end
86
87
  end
87
88
 
88
89
  def run_failed(exception)
89
90
  @end_time = Time.now
90
91
  if Chef::Config[:why_run]
91
- puts_line "#{ChefUtils::Dist::Infra::PRODUCT} failed. #{@updated_resources} resources would have been updated"
92
+ puts_line "Infra Phase failed. #{@updated_resources} resources would have been updated"
92
93
  else
93
- puts_line "#{ChefUtils::Dist::Infra::PRODUCT} failed. #{@updated_resources} resources updated in #{pretty_elapsed_time}"
94
+ puts_line "Infra Phase failed. #{@updated_resources} resources updated in #{pretty_elapsed_time}"
94
95
  end
95
96
  end
96
97
 
@@ -119,12 +120,12 @@ class Chef
119
120
  def node_load_completed(node, expanded_run_list, config); end
120
121
 
121
122
  def policyfile_loaded(policy)
122
- puts_line "Using policy '#{policy["name"]}' at revision '#{policy["revision_id"]}'"
123
+ puts_line "Using Policyfile '#{policy["name"]}' at revision '#{policy["revision_id"]}'"
123
124
  end
124
125
 
125
126
  # Called before the cookbook collection is fetched from the server.
126
127
  def cookbook_resolution_start(expanded_run_list)
127
- puts_line "resolving cookbooks for run list: #{expanded_run_list.inspect}"
128
+ puts_line "Resolving cookbooks for run list: #{expanded_run_list.inspect}"
128
129
  end
129
130
 
130
131
  # Called when there is an error getting the cookbook collection from the
@@ -149,7 +150,7 @@ class Chef
149
150
 
150
151
  # Called before cookbook sync starts
151
152
  def cookbook_sync_start(cookbook_count)
152
- puts_line "Synchronizing Cookbooks:"
153
+ puts_line "Synchronizing cookbooks:"
153
154
  indent
154
155
  end
155
156
 
@@ -168,7 +169,7 @@ class Chef
168
169
 
169
170
  # Called when starting to collect gems from the cookbooks
170
171
  def cookbook_gem_start(gems)
171
- puts_line "Installing Cookbook Gems:"
172
+ puts_line "Installing cookbook gem dependencies:"
172
173
  indent
173
174
  end
174
175
 
@@ -194,7 +195,7 @@ class Chef
194
195
 
195
196
  # Called when cookbook loading starts.
196
197
  def library_load_start(file_count)
197
- puts_line "Compiling Cookbooks..."
198
+ puts_line "Compiling cookbooks..."
198
199
  end
199
200
 
200
201
  # Called after a file in a cookbook is loaded.
@@ -280,7 +281,7 @@ class Chef
280
281
  end
281
282
 
282
283
  def resource_bypassed(resource, action, provider)
283
- puts " (Skipped: whyrun not supported by provider #{provider.class.name})", stream: resource
284
+ puts " (Skipped: Why-Run not supported by provider #{provider.class.name})", stream: resource
284
285
  unindent
285
286
  end
286
287
 
@@ -317,7 +318,7 @@ class Chef
317
318
  # Called when resource current state load is skipped due to the provider
318
319
  # not supporting whyrun mode.
319
320
  def resource_current_state_load_bypassed(resource, action, current_resource)
320
- puts_line("* Whyrun not supported for #{resource}, bypassing load.", :yellow)
321
+ puts_line("* Why-Run not supported for #{resource}, bypassing load.", :yellow)
321
322
  end
322
323
 
323
324
  def stream_output(stream, output, options = {})
@@ -362,6 +363,52 @@ class Chef
362
363
  end
363
364
  end
364
365
 
366
+ # Called when compliance profile loading starts
367
+ def profiles_load_start
368
+ puts_line("Loading #{Inspec::Dist::PRODUCT_NAME} profile files:")
369
+ end
370
+
371
+ # Called when compliance input loading starts
372
+ def inputs_load_start
373
+ puts_line("Loading #{Inspec::Dist::PRODUCT_NAME} input files:")
374
+ end
375
+
376
+ # Called when compliance waiver loading starts
377
+ def waivers_load_start
378
+ puts_line("Loading #{Inspec::Dist::PRODUCT_NAME} waiver files:")
379
+ end
380
+
381
+ # Called when a compliance profile is found in a cookbook by the cookbook_compiler
382
+ def compliance_profile_loaded(profile)
383
+ start_line(" - #{profile.cookbook_name}::#{profile.pathname}", :cyan)
384
+ puts " (#{profile.version})", :cyan if profile.version
385
+ end
386
+
387
+ # Called when a compliance waiver is found in a cookbook by the cookbook_compiler
388
+ def compliance_input_loaded(input)
389
+ puts_line(" - #{input.cookbook_name}::#{input.pathname}", :cyan)
390
+ end
391
+
392
+ # Called when a compliance waiver is found in a cookbook by the cookbook_compiler
393
+ def compliance_waiver_loaded(waiver)
394
+ puts_line(" - #{waiver.cookbook_name}::#{waiver.pathname}", :cyan)
395
+ end
396
+
397
+ # Called when a compliance profile is enabled (by include_profile)
398
+ def compliance_profile_enabled(profile)
399
+ # puts_line(" * FIXME", :cyan)
400
+ end
401
+
402
+ # Called when a compliance waiver is enabled (by include_waiver)
403
+ def compliance_waiver_enabled(waiver)
404
+ # puts_line(" * FIXME", :cyan)
405
+ end
406
+
407
+ # Called when a compliance input is enabled (by include_input)
408
+ def compliance_input_enabled(input)
409
+ # puts_line(" * FIXME", :cyan)
410
+ end
411
+
365
412
  # (see Base#deprecation)
366
413
  def deprecation(deprecation, _location = nil)
367
414
  if Chef::Config[:treat_deprecation_warnings_as_errors]
@@ -28,20 +28,21 @@ class Chef
28
28
 
29
29
  # Called at the very start of a Chef Run
30
30
  def run_start(version, run_status)
31
- puts_line "Starting #{ChefUtils::Dist::Infra::PRODUCT}, version #{version}"
31
+ puts_line "#{ChefUtils::Dist::Infra::PRODUCT}, version #{version}"
32
32
  puts_line "Patents: #{ChefUtils::Dist::Org::PATENTS}"
33
- puts_line "Targeting node: #{Chef::Config.target_mode.host}" if Chef::Config.target_mode?
34
33
  puts_line "OpenSSL FIPS 140 mode enabled" if Chef::Config[:fips]
34
+ puts_line "Infra Phase starting"
35
+ puts_line "Targeting node: #{Chef::Config.target_mode.host}" if Chef::Config.target_mode?
35
36
  end
36
37
 
37
38
  # Called at the end of the Chef run.
38
39
  def run_completed(node)
39
- puts "#{ChefUtils::Dist::Infra::PRODUCT} finished, #{@updated_resources.size} resources updated"
40
+ puts "Infra phase complete, #{@updated_resources.size} resources updated"
40
41
  end
41
42
 
42
43
  # called at the end of a failed run
43
44
  def run_failed(exception)
44
- puts "#{ChefUtils::Dist::Infra::PRODUCT} failed. #{@updated_resources.size} resources updated"
45
+ puts "Infra phase failed. #{@updated_resources.size} resources updated"
45
46
  end
46
47
 
47
48
  # Called right after ohai runs.
@@ -71,7 +72,7 @@ class Chef
71
72
 
72
73
  # Called before the cookbook collection is fetched from the server.
73
74
  def cookbook_resolution_start(expanded_run_list)
74
- puts "resolving cookbooks for run list: #{expanded_run_list.inspect}"
75
+ puts "Resolving cookbooks for run list: #{expanded_run_list.inspect}"
75
76
  end
76
77
 
77
78
  # Called when there is an error getting the cookbook collection from the